<?php
    $page = $_GET['page'];

if($page=='library')
{

    require('db_connection.php');
    $libraryName=$_POST['libraryName'];
    $address=$_POST['address'];
    $contactNo=$_POST['contactNo'];
    $description=$_POST['description'];
    
    $query1="SELECT MAX(libraryNo) FROM tbllibrary";
    $result=mysql_query($query1);
     while ($row = mysql_fetch_array($result))
        {

            $libNo = $row['MAX(libraryNo)'];
        }

    //$sql = "Select * from tbllibrary";
    //$result = mysql_query($sql);
    $ctr = $libNo+1;

    //$ctr = $result;

    //$file_name = $HTTP_POST_FILES['ufile']['name'];
    $new_file_name="$ctr.jpg";
    $path= "images/library/".$new_file_name;
    if($ufile !=none)
    {
    if(copy($HTTP_POST_FILES['ufile']['tmp_name'], $path))
    {
    //echo "Successful<BR/>";

    //$new_file_name = new file name
    //$HTTP_POST_FILES['ufile']['size'] = file size
    //$HTTP_POST_FILES['ufile']['type'] = type of file
    //echo "File Name :".$new_file_name."<BR/>";
    //echo "File Size :".$HTTP_POST_FILES['ufile']['size']."<BR/>";
    //echo "File Type :".$HTTP_POST_FILES['ufile']['type']."<BR/>";
    }
    else
    {
        //echo "Error";
        $new_file_name="nophoto.jpg";
    }
    }

    $query = "INSERT INTO tbllibrary VALUES ('$libraryName','$ctr','$address','$contactNo','$description','$new_file_name')";
    //echo $query;
    $result = mysql_query($query);
    if($result){
        //echo("Record sucessfully added.");
        echo"<script> alert('Library sucessfully added!');</script>";
/*
           $host  = $_SERVER['HTTP_HOST'];
           $uri  = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
           $extra = 'libprofileview.php';
           header("Location: http://$host$uri/$extra");
*/
    echo"'<script>document.location.href='libprofileview.php'</script>'";


    }else{
       //echo("Adding failed.");
       echo"<script> alert('Adding new library failed!!');</script>";
       echo"'<script>document.location.href='libentry.php'</script>'";
    }
    mysql_close();
}
if($page=='catalog')
{
    require('db_connection.php');

    $libraryNo = $_COOKIE["libraryNo"];
    $type = $_POST['type'];
    $callNo = $_POST['callNo'];
    $accessionNo = $_POST['accessionNo'];
    $title = $_POST['title'];
    $author = $_POST['author'];
    $subject = $_POST['subject'];
    $publisher = $_POST['publisher'];
    $placePub = $_POST['placePub'];
    $edition = $_POST['edition'];
    $isbn = $_POST['isbn'];
    $noOfPage = $_POST['noOfPage'];
    $width = $_POST['width'];
    $length = $_POST['length'];
    $acquisitionType = $_POST['acquisitionType'];
    $description = $_POST['description'];
    $copyNo = $_POST['copyNo'];
    $noOfDays = $_POST['noOfDays'];

    $query1="SELECT MAX(materialID) FROM tblcollection";
    $result=mysql_query($query1);
     while ($row = mysql_fetch_array($result))
        {

            $matID = $row['MAX(materialID)'];
        }

    $ctr = $matID+1;
    
    //$file_name = $HTTP_POST_FILES['ufile']['name'];
    $new_file_name="$ctr.jpg";
    $path= "images/catalog/".$new_file_name;
    if($ufile !=none)
    {
    if(copy($HTTP_POST_FILES['ufile']['tmp_name'], $path))
    {
    //echo "Successful<BR/>";

    //$new_file_name = new file name
    //$HTTP_POST_FILES['ufile']['size'] = file size
    //$HTTP_POST_FILES['ufile']['type'] = type of file
    //echo "File Name :".$new_file_name."<BR/>";
    //echo "File Size :".$HTTP_POST_FILES['ufile']['size']."<BR/>";
    //echo "File Type :".$HTTP_POST_FILES['ufile']['type']."<BR/>";
    }
    else
    {
        //echo "Error";
        $new_file_name="nophoto.jpg";
    }
    }
    
    $query = "INSERT INTO tblcollection VALUES ('$callNo','$type','$subject','$accessionNo','$title','$author','$publisher','$yearPub','$placePub','$edition','$isbn','$noOfPage','$width','$length','$acquisitionType','$new_file_name','$description','$copyNo','$ctr','$libraryNo','$noOfDays')";


    //echo $query;
    
    $result = mysql_query($query);
    if($result){
        //echo("Record sucessfully added.");
        echo"<script> alert('Catalog sucessfully added!');</script>";
        echo"'<script>document.location.href='catalogprint.php?materialID=$ctr'</script>'";
/*
          $host  = $_SERVER['HTTP_HOST'];
          $uri  = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
          $extra = 'catalogentry.php';
          header("Location: http://$host$uri/$extra");
*/

    }else{
       echo"<script> alert('Adding Failed!');</script>";
       echo"'<script>document.location.href='catalogentry.php'</script>'";
    }
    mysql_close();

}

if($page=='client')
{
    require('db_connection.php');
    $libraryNo = $_COOKIE['libraryNo'];
    $libraryCardNo = $_POST['libraryCardNo'];
    $lastName = $_POST['lastName'];
    $firstName = $_POST['firstName'];
    $middleName = $_POST['middleName'];
    $contactNo = $_POST['contactNo'];
    $address =$_POST['address'];
    $email = $_POST['email'];
    $schoolorg = $_POST['schoolorg'];
    $guarantor = $_POST['guarantor'];

    $qid = "SELECT MAX(userID) FROM tblclient";
    $sid = mysql_query($qid);
    while ($row = mysql_fetch_array($sid))
    {
        $clientID = $row['MAX(userID)'];
        //echo $clientID;
    }
    $clientID++;

    $query = "INSERT INTO tblclient VALUES ('$libraryCardNo','$lastName','$firstName','$middleName','$address','$contactNo','$email','$schoolorg','$clientID','$libraryNo','$guarantor','','0',0)";

    $result = mysql_query($query);

    if($result){
        echo "<script>alert('Record successfully saved!')</script>";
        echo ("<script> document.location.href='clientprint.php?userID=$clientID'</script>");
    }else{
        echo "<script>alert('Adding failed!')</script>";
        echo ("<script> document.location.href='cliententry.php'</script>");
    }
    mysql_close();
}

if($page=='admin')
{
    require('db_connection.php');

    $userName = $_POST['userName'];

    $qname = "SELECT * FROM tbladmin WHERE userName = '$userName'";
    $rname = mysql_query($qname);
    $ctr = mysql_num_rows($rname);

    if($ctr==0)
    {
        $libraryNo = $_POST['libraryNo'];
        $firstName = $_POST['firstName'];
        $middleName = $_POST['middleName'];
        $lastName = $_POST['lastName'];
        $password = $_POST['password'];
        $cpass = $_POST['cpass'];
        $contactNo = $_POST['contactNo'];
        $address =$_POST['address'];
        $email = $_POST['email'];
        $userType = $_POST['userType'];

        $qid = "SELECT MAX(adminID) FROM tbladmin";
        $sid = mysql_query($qid);
        while ($row = mysql_fetch_array($sid))
        {
            $adminID = $row['MAX(adminID)'];
        }
        $adminID++;
        $query = "INSERT INTO tbladmin VALUES ('$userName','$userType','$lastName','$firstName','$middleName',PASSWORD('$password'),'$email','$contactNo','$address','$libraryNo','$adminID')";

        $result = mysql_query($query);
        if($result){
            echo " <script>alert('Record successfully saved!')</script> ";
            echo ("<script> document.location.href='adminentry.php'</script>");
        }

        else{
            echo "<script>alert('Adding failed!')</script>";
            echo ("<script> document.location.href='adminentry.php'</script>");
        }
    }

    else
    {
        echo "<script>alert('User name has already been used!')</script>";
        echo ("<script>history.back();</script>");
    }
    mysql_close();
}
if($page=='news')
{
    require('db_connection.php');
    $libraryNo = $_COOKIE['libraryNo'];
    $userName = $_COOKIE['userName'];
    $title = $_POST['title'];
    
    $content = $_POST['content'];
    $today = date("Y-m-d H:i.s",time());

    $qname = "SELECT * FROM tbladmin WHERE userName='$userName'";
    $rname = mysql_query($qname);
    while ($row = mysql_fetch_array($rname))
    {
      $lastName = $row['lastName'];
      $firstName = $row['firstName'];
      
    }
    //$author = $firstName $lastName;
    $author = "$firstName $lastName";
    $qid = "SELECT MAX(newsID) FROM tblnews";
    $sid = mysql_query($qid);
    while ($row = mysql_fetch_array($sid))
    {
        $newsID = $row['MAX(newsID)'];
    }
    $newsID++;

    $query = "INSERT INTO tblnews VALUES ('$newsID','$title','$author','$content','$today','$libraryNo')";
    $result = mysql_query($query);

    if($result){
        echo "<script>alert('Record successfully saved!')</script>";
        echo "<script> document.location.href='newsentry.php'</script>";
    }else{
        echo "<script>alert('Adding failed!')</script>";
        echo ("<script> document.location.href='newsentry.php'</script>");
    }
    mysql_close();

}
?>
